Krantz Secure Technologies is proud to have recently hosted an informative webinar on January 31 with our very own Jim Krantz presenting on the cyber security threats that face businesses in the modern world.
Cybercriminals are able to do this thanks to the availability of hacking tools, communities and services online through the “Dark” or “Deep” web; the reality is that you don’t have to be an expert (or a geek) to hack anymore.
That’s why it so important to ensure you have these essential components to secure your IT infrastructure:
However, one of the significant risks is the user: you and your employees. Without the right knowledge and awareness, an unsuspecting user can put the business at risk. For example, a common issue is password management:
Furthermore, untrained users are easy targets for hackers and social engineering techniques, which trick the employee into giving out sensitive information, or performing a task on behalf of the cybercriminal.
A popular social engineering tactic among hackers today is “phishing”, a method in which they send fraudulent emails that appear to be from reputable company members in order to get recipients to reveal sensitive information and execute significant financial transfers. With only a surprisingly small amount of information, cybercriminals can convincingly pose as business members and superiors in order to persuade employees to give them money, data or crucial information.
Popular versions of phishing include “spear phishing”, in which the cybercriminal focuses on and studies a specific user more directly, in order to guarantee their success; and “whaling”, which targets C-Level executives to siphon money and steal data.
Then there’s Business Email Compromise (BEC), which tricks a user into authorizing a major wire transfer of funds to a seemingly legitimate recipient. Since January 2015, the FBI has reported a 1,300% increase in instances of BEC, with only 4% of the lost funds ever being recovered.
The fact is that all these methods rely on users to click a link, open an attachment, or simply believe what they are reading in an email without confirming it in another way (such as, by calling the person the email was sent from to confirm their request for a wire transfer).
That’s why Security Awareness Training is so important. With the right training, your staff can recognize phishing emails, and avoid clicking links and opening email attachments from unverified senders.
The webinar then moved on to the topic of Mobile Device Security. Despite the ever-growing usage of mobile technology for both business and pleasure, security practices have not kept up. Given how much sensitive data is stored on and moves through you and your staff’s mobile devices, it’s vital to use security measures such as:
The webinar also touched on how popular — and unsafe — public Bluetooth and Wi-Fi usage is. Despite the convenience, using Bluetooth and Wi-Fi hotpots can be very dangerous, as cybercriminals can use them to steal information, read private messages and emails, spread viruses, and more.
Furthermore, businesses have to be aware of security concerns when it comes to the Internet of Things — like smart TVs, printers, etc. — which have little to no security and no way of updating them when new exploits are discovered. That’s why it’s vital to ensure they are isolated on their own sub-network, so that cybercriminals can’t use them as a way to access your main network and data.
To learn more the best cloud solution on the market, and to sign up for our next webinar, be sure to get in touch with Krantz Secure Technologies right away at (212) 286-0325 or ITsolutions@krantzsecure.com.